BUSINESS TECHNOLOGY MEDIA COMPANY
Companies
Sectors
Malware

New Android malware on the loose

Read time 2min 40sec
A new type of Android malware downloads paid apps without the knowledge of the smartphone or tablet user, says G Data Security Labs.
A new type of Android malware downloads paid apps without the knowledge of the smartphone or tablet user, says G Data Security Labs.

Experts at G Data Security Labs have discovered a new type of Android malware that downloads paid apps without the knowledge of the smartphone or tablet user.

According to G Data, the malware is hidden in fake GO Weather, Travel Sky or E-Strong File Explorer apps and is being distributed through various Chinese Web sites and third-party provider app marketplaces.

Perpetrators are currently targeting customers of the world's largest mobile provider, China Mobile, it adds. The Trojan gains access to the mobile provider's app store and can then download and install additional malware or paid apps.

G Data believes it might spread to the rest of the world.

The security solutions provider also notes that online criminals have been using the Android malware MMarketPay.A as a new way of making money from e-crime.

In a statement, G Data states that, previously, malware writers focused on the theft of personal data, spy attacks and sending premium-rate SMSes.

"Now they have managed to gain access to a mobile provider's app store for the first time. To do this, the malware changes the mobile device's access point name (APN) and connects to China Mobile. Access points on tablets and smartphones are usually used by mobile providers to provide system updates, for example. Here, the Trojan intercepts the confirmation message and provides a response via a special server."

The malware can thus access China Mobile's app store without logging in, then purchase and install any apps, at any time, at the victim's expense.

To protect themselves, G Data urges Android users to use an effective, comprehensive security solution that thoroughly protects the mobile device.

It also points out that users must always install updates to keep their operating systems and the programs and applications they use fully up to date. "This closes security loopholes that cyber criminals could otherwise exploit for attacks."

Users must also only get their apps from trustworthy sources, for example, from Google Play for Android devices and from provider Web sites. "When you choose applications, pay attention to how often they have been downloaded. The more times an application has been downloaded, the more trustworthy it is. You should also check what authorisations these apps have. Be careful with applications that can, for example, initiate calls or send text messages. In general, you should only install apps that you really need."

The vendor also urges users to ignore messages of unknown origin on their smartphones or tablets. "Users who like to play it safe can usually check online whether these messages are correct, or call their provider's customer service.

"Check your phone bill. If it includes charges for services that you have not used, you might be a victim of fraud."

See also